diff --git a/libmariadb/ma_secure.c b/libmariadb/ma_secure.c index a893786a..c60e6b2b 100644 --- a/libmariadb/ma_secure.c +++ b/libmariadb/ma_secure.c @@ -72,7 +72,7 @@ static void my_SSL_error(MYSQL *mysql) */ static unsigned long my_cb_threadid(void) { - /* chast pthread_t to unsigned long */ + /* cast pthread_t to unsigned long */ return (unsigned long) pthread_self(); } @@ -180,7 +180,7 @@ void my_ssl_end() EVP_cleanup(); CRYPTO_cleanup_all_ex_data(); ERR_free_strings(); - ENGINE_cleanup(); + //ENGINE_cleanup(); CONF_modules_free(); CONF_modules_unload(1); sk_SSL_COMP_free(SSL_COMP_get_compression_methods()); @@ -194,45 +194,21 @@ void my_ssl_end() /* Set certification stuff. */ -static int my_ssl_set_certs(SSL *ssl) +static int my_ssl_set_certs(MYSQL *mysql) { - int have_cert= 0; - MYSQL *mysql; - + char *key_file= mysql->options.ssl_key ? mysql->options.ssl_key : mysql->options.ssl_cert; DBUG_ENTER("my_ssl_set_certs"); /* Make sure that ssl was allocated and ssl_system was initialized */ - DBUG_ASSERT(ssl != NULL); DBUG_ASSERT(my_ssl_initialized == TRUE); - /* get connection for current ssl */ - mysql= (MYSQL *)SSL_get_app_data(ssl); - /* add cipher */ if ((mysql->options.ssl_cipher && mysql->options.ssl_cipher[0] != 0) && - SSL_set_cipher_list(ssl, mysql->options.ssl_cipher) == 0) + SSL_CTX_set_cipher_list(SSL_context, mysql->options.ssl_cipher) == 0) goto error; - /* set cert */ - if (mysql->options.ssl_cert && mysql->options.ssl_cert[0] != 0) - { - if (SSL_CTX_use_certificate_chain_file(SSL_context, mysql->options.ssl_cert) <= 0) - goto error; - have_cert= 1; - } - - /* set key */ - if (mysql->options.ssl_key && mysql->options.ssl_key[0]) - { - if (SSL_CTX_use_PrivateKey_file(SSL_context, mysql->options.ssl_key, SSL_FILETYPE_PEM) <= 0) - goto error; - - /* verify key */ - if (have_cert && SSL_CTX_check_private_key(SSL_context) != 1) - goto error; - } /* ca_file and ca_path */ if (SSL_CTX_load_verify_locations(SSL_context, mysql->options.ssl_ca, @@ -243,6 +219,22 @@ static int my_ssl_set_certs(SSL *ssl) if (SSL_CTX_set_default_verify_paths(SSL_context) == 0) goto error; } + + /* set cert */ + if (mysql->options.ssl_cert && mysql->options.ssl_cert[0] != 0) + if (SSL_CTX_use_certificate_chain_file(SSL_context, mysql->options.ssl_cert) <= 0) + goto error; + + /* set key */ + if (key_file) + { + if (SSL_CTX_use_PrivateKey_file(SSL_context, key_file, SSL_FILETYPE_PEM) <= 0) + goto error; + + /* verify key */ + if (!SSL_CTX_check_private_key(SSL_context)) + goto error; + } if (mysql->options.extension && (mysql->options.extension->ssl_crl || mysql->options.extension->ssl_crlpath)) { @@ -291,20 +283,18 @@ static int my_verify_callback(int ok, X509_STORE_CTX *ctx) DBUG_RETURN(0); depth= X509_STORE_CTX_get_error_depth(ctx); if (depth == 0) - { ok= 1; - DBUG_RETURN(1); - } } - else - DBUG_RETURN(1); - my_set_error(mysql, CR_SSL_CONNECTION_ERROR, SQLSTATE_UNKNOWN, - ER(CR_SSL_CONNECTION_ERROR), - X509_verify_cert_error_string(ctx->error)); - DBUG_RETURN(0); +/* + my_set_error(mysql, CR_SSL_CONNECTION_ERROR, SQLSTATE_UNKNOWN, + ER(CR_SSL_CONNECTION_ERROR), + X509_verify_cert_error_string(ctx->error)); +*/ + DBUG_RETURN(ok); } + /* allocates a new ssl object @@ -328,18 +318,20 @@ SSL *my_ssl_init(MYSQL *mysql) if (!my_ssl_initialized) my_ssl_start(mysql); + if (my_ssl_set_certs(mysql)) + goto error; + if (!(ssl= SSL_new(SSL_context))) goto error; if (!SSL_set_app_data(ssl, mysql)) goto error; - if (my_ssl_set_certs(ssl)) - goto error; verify= (!mysql->options.ssl_ca && !mysql->options.ssl_capath) ? SSL_VERIFY_NONE : SSL_VERIFY_PEER; - SSL_set_verify(ssl, verify, my_verify_callback); - SSL_set_verify_depth(ssl, 1); + + SSL_CTX_set_verify(SSL_context, verify, my_verify_callback); + SSL_CTX_set_verify_depth(SSL_context, 1); DBUG_RETURN(ssl); error: diff --git a/unittest/libmariadb/certs/ca.pem b/unittest/libmariadb/certs/ca.pem deleted file mode 100644 index ce93f60a..00000000 --- a/unittest/libmariadb/certs/ca.pem +++ /dev/null @@ -1,30 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICTDCCAbWgAwIBAgIJAOzGST1sgGjAMA0GCSqGSIb3DQEBBQUAMD8xEzARBgoJ -kiaJk/IsZAEZFgNjb20xFzAVBgoJkiaJk/IsZAEZFgdleGFtcGxlMQ8wDQYDVQQD -DAZzZXJ2ZXIwHhcNMTQwMzAzMTIxNTM5WhcNMTQwNDAyMTIxNTM5WjA/MRMwEQYK -CZImiZPyLGQBGRYDY29tMRcwFQYKCZImiZPyLGQBGRYHZXhhbXBsZTEPMA0GA1UE -AwwGc2VydmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJtK0qYQIWmTU5 -poKhvoSuMi26oPNpu+zYQ3NTKueY3xs03zRIhuJ5khI6t5/oRNRExDL/CU4609IT -to7YnDByUlBftTPHujsEuW6GDAzVlmpGNuBYO5oLNBGL3f5BF0eDh37vQEYyr67M -TR0mqPkd8IeztK0iCaJNXB7lTyyRcwIDAQABo1AwTjAdBgNVHQ4EFgQUlPvBMFAZ -XqTPqYsVautG+QomU74wHwYDVR0jBBgwFoAUlPvBMFAZXqTPqYsVautG+QomU74w -DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQB7Tu43BPt82IYShXH9FoYR -WWqG2PI5BrN32VcTKEP/cZf7QNrPuungjnHne1VMVIN4dfB8QWB4Uvjq5f5kWunI -BY1YpPFNy+5p+sUAHX9H4rJloVwNLYSKWPhEpe/zSKSTuPGqbAhYv8M/lMQlp58w -oICORfoW3HruDjRnJxTAPw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICTDCCAbWgAwIBAgIJAKPJnSVjrc7LMA0GCSqGSIb3DQEBBQUAMD8xEzARBgoJ -kiaJk/IsZAEZFgNjb20xFzAVBgoJkiaJk/IsZAEZFgdleGFtcGxlMQ8wDQYDVQQD -DAZjbGllbnQwHhcNMTQwMzAzMTIxNTM5WhcNMTQwNDAyMTIxNTM5WjA/MRMwEQYK -CZImiZPyLGQBGRYDY29tMRcwFQYKCZImiZPyLGQBGRYHZXhhbXBsZTEPMA0GA1UE -AwwGY2xpZW50MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCW1pzU0Rgd631H -L4C2wB2hoIzwFxKcqHJk6MxZMcCFjH3EFyo7+hn42Hpz2bkibgsn9/Kcg2Y32cgK -B1rWmerD8cU0dMcqxImZwyg5//s0tX2UjleZRnVTs5JEqFjSZSool0MHGKXnp8Bc -t4F4d5hduT2WxXcRG+ltzATEV2A79QIDAQABo1AwTjAdBgNVHQ4EFgQUVcbFkeIN -mXA+BmOy8AFkgDSFTUswHwYDVR0jBBgwFoAUVcbFkeINmXA+BmOy8AFkgDSFTUsw -DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQANxUnH8UXd2vo83DQPh6+I -E4J7DYn1D4pC3WXWQXIPXHvkmuuJnZcmapS4mgK932SyteALM4u5D01rvtpV76we -sgPZHXDPXDimT62AScYgO8LpvEcmaYtw1zgxXRnC+o6DHNOvoG5iaV7kVo3wzr3B -qtgFiFBvZYHTZ+hVAkk19Q== ------END CERTIFICATE----- diff --git a/unittest/libmariadb/certs/client-cert.pem b/unittest/libmariadb/certs/client-cert.pem deleted file mode 100644 index a4718952..00000000 --- a/unittest/libmariadb/certs/client-cert.pem +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICTDCCAbWgAwIBAgIJAKPJnSVjrc7LMA0GCSqGSIb3DQEBBQUAMD8xEzARBgoJ -kiaJk/IsZAEZFgNjb20xFzAVBgoJkiaJk/IsZAEZFgdleGFtcGxlMQ8wDQYDVQQD -DAZjbGllbnQwHhcNMTQwMzAzMTIxNTM5WhcNMTQwNDAyMTIxNTM5WjA/MRMwEQYK -CZImiZPyLGQBGRYDY29tMRcwFQYKCZImiZPyLGQBGRYHZXhhbXBsZTEPMA0GA1UE -AwwGY2xpZW50MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCW1pzU0Rgd631H -L4C2wB2hoIzwFxKcqHJk6MxZMcCFjH3EFyo7+hn42Hpz2bkibgsn9/Kcg2Y32cgK -B1rWmerD8cU0dMcqxImZwyg5//s0tX2UjleZRnVTs5JEqFjSZSool0MHGKXnp8Bc -t4F4d5hduT2WxXcRG+ltzATEV2A79QIDAQABo1AwTjAdBgNVHQ4EFgQUVcbFkeIN -mXA+BmOy8AFkgDSFTUswHwYDVR0jBBgwFoAUVcbFkeINmXA+BmOy8AFkgDSFTUsw -DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQANxUnH8UXd2vo83DQPh6+I -E4J7DYn1D4pC3WXWQXIPXHvkmuuJnZcmapS4mgK932SyteALM4u5D01rvtpV76we -sgPZHXDPXDimT62AScYgO8LpvEcmaYtw1zgxXRnC+o6DHNOvoG5iaV7kVo3wzr3B -qtgFiFBvZYHTZ+hVAkk19Q== ------END CERTIFICATE----- diff --git a/unittest/libmariadb/certs/client-key-enc.pem b/unittest/libmariadb/certs/client-key-enc.pem deleted file mode 100644 index cf5bbff6..00000000 --- a/unittest/libmariadb/certs/client-key-enc.pem +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN ENCRYPTED PRIVATE KEY----- -MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIdzt3UBGdGKwCAggA -MBQGCCqGSIb3DQMHBAi3EQ5NVU79qASCAoAxZFIJr9LVbcP+g/E7xCKmaaNgMfWw -eLiIuJwZTgtFsb4CWG5pSGc1P+WP/4Blm2g9awnSOeIh9h4Rz1ZCeB4ztqZvTmqh -MRsZc6Bp+CTslQdkPT07pATzesF46Cp4kB2prC5/lYBxydtafvMeDQOHxGqAjYwW -6iqHrq2OGrJZkVYp5Jmg9Taj5uOXoUTLWvYtUVB/pHfe9TUFPYuhzNWv+8daG36Q -gxUNMP049TNgQmYSX3R2XSizwVwLiq51KQ8awhOjRAzvZg8Bj6stTgDge+JspajR -YZItn7+I/x4kv2M6/S2NnaXFjOnFB4ivr7BFGQhEM3drvE1hZw8LhYq1lFBFZeO/ -HXMeRIv95touqEvukoUT2E1lgsBiQ9EkpmH+mFQmqd8RHwxA2xVfx+WQo7wtPJ2e -oezWOybQRK1tMxnF+np70VyyfBo4Y0JZ4ac19lm0wsfLdIJ9+H91WfNTAdGwaqLf -yUEGRPpzIoCg2fw71mchZ8y3aknEWVMTcQsXlE8z5ZQv/m+x/2mK1Lw5Zg7MpOVi -742XN7cFmH/uBfE2CndODqOOt7Sn9zw/S7auDOrE0qjrxAaW0p0Xby38lvL3e7fj -/7qDf7dj/0vuOPxdEGWuhmUgM2ZXInxg6yGmmLDM15rbX613lWo1qmPKjl5MROSJ -aKvXf7bG5cGbZ/sdkoISykWb7W/lH2NyMWKv5tGsKCtkC/0I5aUFMk1p4FE4uky4 -cZauUBJ1itNcXR80u3B76siRFgGKLFFgfTioblGSxIQ2cFqq3lY8f4ZcW+JjWZug -g5p83DmIf7GCfjeuI4MYWYVcVu4kGCGtFmbZc54DalFEWZ3valr8C9l1 ------END ENCRYPTED PRIVATE KEY----- diff --git a/unittest/libmariadb/certs/client-key.pem b/unittest/libmariadb/certs/client-key.pem deleted file mode 100644 index bf055cee..00000000 --- a/unittest/libmariadb/certs/client-key.pem +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQCW1pzU0Rgd631HL4C2wB2hoIzwFxKcqHJk6MxZMcCFjH3EFyo7 -+hn42Hpz2bkibgsn9/Kcg2Y32cgKB1rWmerD8cU0dMcqxImZwyg5//s0tX2UjleZ -RnVTs5JEqFjSZSool0MHGKXnp8Bct4F4d5hduT2WxXcRG+ltzATEV2A79QIDAQAB -AoGAYsK2AOm+3qg3aIqDviRfwlm6reCNgSERdVyvn57hrQ9lsSRxtL92jeY/lubx -PsfKaisAINYv8VWYkmhqY6R3fz7T2xmu0raSLS953dcs03oknnTJX6cOxkms9wtw -AHVyAF5Lti0uEWS9LxxcJR7TAGI5UkJSQ88uWZeawH4XYgECQQDE+w49yaaEDcFN -wLOWJIKTkBhvLkc76mI56kBgJS3rdG6/2EVJjwCQmPFUFaZpgqcsWZTZ2AlfhUAq -bVl2Fg41AkEAxAhQrvFR3eupSy7RCqQ+X/kmlco1UYLtzCiFAGOV7wWlstVLbT76 -i/DClvvLZzQuGed6ELn4xsuHN3Fan6ouwQJBALH53F47anZ6LyPfbuPDzS8izND3 -0WjzVxjY7J1yOlE5fC9eawwRZwM/DR1aCmfeoslRj0pdBesGbHlpH6GwP9kCQAxc -Cdo91M+NICthVES7fkNGziv7h8kP3DZXB6uym61qSbwwvoSwx9My5tHmJjjnjVCM -y6FqWEkQZAIW34PZkwECQDd6osrGUSGcGbo324mwLTz4Qa1G96nX5U20vOXyJ0hb -JJBl9rnl/dDN7MA6PWWArJqJY9AERQ8NUgMTloQlwi0= ------END RSA PRIVATE KEY----- diff --git a/unittest/libmariadb/certs/server-cert.pem b/unittest/libmariadb/certs/server-cert.pem deleted file mode 100644 index 3addb43f..00000000 --- a/unittest/libmariadb/certs/server-cert.pem +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICTDCCAbWgAwIBAgIJAOzGST1sgGjAMA0GCSqGSIb3DQEBBQUAMD8xEzARBgoJ -kiaJk/IsZAEZFgNjb20xFzAVBgoJkiaJk/IsZAEZFgdleGFtcGxlMQ8wDQYDVQQD -DAZzZXJ2ZXIwHhcNMTQwMzAzMTIxNTM5WhcNMTQwNDAyMTIxNTM5WjA/MRMwEQYK -CZImiZPyLGQBGRYDY29tMRcwFQYKCZImiZPyLGQBGRYHZXhhbXBsZTEPMA0GA1UE -AwwGc2VydmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJtK0qYQIWmTU5 -poKhvoSuMi26oPNpu+zYQ3NTKueY3xs03zRIhuJ5khI6t5/oRNRExDL/CU4609IT -to7YnDByUlBftTPHujsEuW6GDAzVlmpGNuBYO5oLNBGL3f5BF0eDh37vQEYyr67M -TR0mqPkd8IeztK0iCaJNXB7lTyyRcwIDAQABo1AwTjAdBgNVHQ4EFgQUlPvBMFAZ -XqTPqYsVautG+QomU74wHwYDVR0jBBgwFoAUlPvBMFAZXqTPqYsVautG+QomU74w -DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQB7Tu43BPt82IYShXH9FoYR -WWqG2PI5BrN32VcTKEP/cZf7QNrPuungjnHne1VMVIN4dfB8QWB4Uvjq5f5kWunI -BY1YpPFNy+5p+sUAHX9H4rJloVwNLYSKWPhEpe/zSKSTuPGqbAhYv8M/lMQlp58w -oICORfoW3HruDjRnJxTAPw== ------END CERTIFICATE----- diff --git a/unittest/libmariadb/certs/server-key-enc.pem b/unittest/libmariadb/certs/server-key-enc.pem deleted file mode 100644 index 2ef778af..00000000 --- a/unittest/libmariadb/certs/server-key-enc.pem +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN ENCRYPTED PRIVATE KEY----- -MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIPpJdGdXjQRACAggA -MBQGCCqGSIb3DQMHBAiUKNGTStSZLQSCAoC98JfG2THDxTwONDo/2cEwC2nmPiOt -zptOrZBGEss9O+yt85JUge47Hidvf/O98/4zOAaOOwvt7Sq4Sosr+xovHYpvyYl1 -O4K5YMeS/Nx+lS5qcX6nKTuz/Nh69PTzn+cOT61ZYHTjXrcAMDKRbmcZTuN07ZXY -toZOdQomJ5ivvh4zQqufk0VbtQ53Cy2OYvY+Zm42lmowWwSfJZbIWEfBxp/PUrap -LyG9lDvcUJopcMcQ7cDg65M6fZoE1RjF1ACsPnmMzJJrlVgkYyDwKl0cXEaBIja+ -zA0iWbyHqre8sOD7Fv1PCTPhqOQ0eLU9RttPaw0YuPU4wx7Czlqkumzf4wZnYVe+ -rerh1/KjV/KyekcfrxNWaiLgiLVTDxGAFTU7wj7jKneMG2qTD/bvLRfcoiWH+1vK -agyzL4wu2X0RyZQqPm3YbGl/ye/gusJmCpxR2vDD3dNw/pNi7jl/oZZnrUuV4VJQ -xnaKQMcGm97UciGXg0S5rNPdZcSvbbU02pbj8B4Eg2QQXfFXI7UUxEWAcyP22YXj -kAy1y7rI+9MDUX+pss7oncWD/meE+3X5qRorhvH3hN6UvDHCSL8g4iOlwjFA7IV+ -IPQw+QKJkBxNkj2/esV1GcDgeTKF+ybCnGZK5TANg68eArawWOmv/pYSsubsGfTn -l5hcQF8zmm/p12KXxhJp21jyCHYiVXB8oAJXbAKssvnGZfkEo4vOmZiMsLCVsZI6 -1Pyo9G/c8W9DjaXZmgiN2APQciiRXkv87nru0d9zeiEiZRaTIC2xQuAojQZ4wLGl -8eu7oqo/ebyi174UEAeNW8l/QUeMJVCyBKdbKKeRmZUzzJx0BJLMJskK ------END ENCRYPTED PRIVATE KEY----- diff --git a/unittest/libmariadb/certs/server-key.pem b/unittest/libmariadb/certs/server-key.pem deleted file mode 100644 index c6f5b154..00000000 --- a/unittest/libmariadb/certs/server-key.pem +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXwIBAAKBgQDJtK0qYQIWmTU5poKhvoSuMi26oPNpu+zYQ3NTKueY3xs03zRI -huJ5khI6t5/oRNRExDL/CU4609ITto7YnDByUlBftTPHujsEuW6GDAzVlmpGNuBY -O5oLNBGL3f5BF0eDh37vQEYyr67MTR0mqPkd8IeztK0iCaJNXB7lTyyRcwIDAQAB -AoGBAJk+Yp2i7BI9PhnZrr+x3l32E5YJ+ETpmMzJmhGitCgJwULPHYrIp8HTP3RK -0/uEZ30DTvdCm6PIEIAXn7lkGM04YcnaerXIHBSwNQKIhyniNDfBfqox6azQaCDy -wTFSgghU1SNOn6+ZOCXeGtp4Y7cXEWzPWfI0UJ9HopY0k+HZAkEA8UuJ87/JwMjk -t4lB6ml+YgQw9MGrxAsdJrLzqvWo68Jd1g2Le6ghcRRTsx9KJo6b1P+63jxk6jnj -ZMywLJL2nwJBANX/gIYXeDgsNkoFn3T6YPteatMPup5bT4t1sYRDZbKQj+rDVDYL -PuwK6kIO4xQ6UId9UclfOVb7rwpsJa8jGK0CQQCj6SN6EBNWQWGVB8leGnF+1cgH -y7QJxV71FeUOgjhQhsVFjgftZUXqUduVtzCgxok3BM0FAFOxBMfihmU6sk6TAkEA -ixQ4Em30awWI7wjCfoMvPo85fByv27VaeDewfFZVJP1BG4GBHHKonT3my7HjMUVJ -CxWObwKdQIPoWiy5PR7hLQJBAJxTKKgO5EVXUAv+gEmt+zTIKbTRyAWUcx/Ee4or -ZHMwsQMtW95EKiakNYZ9lCZwLeyRF3I9iNn7RirresRan+I= ------END RSA PRIVATE KEY----- diff --git a/unittest/libmariadb/ssl.c.in b/unittest/libmariadb/ssl.c.in index cd028c42..9ce70e6b 100644 --- a/unittest/libmariadb/ssl.c.in +++ b/unittest/libmariadb/ssl.c.in @@ -65,8 +65,7 @@ static int test_ssl(MYSQL *mysql) if (!skip_ssl) { - rc= mysql_query(mysql, "DROP USER 'ssltest'@'localhost'"); - + rc= mysql_query(mysql, "DROP USER 'ssluser'@'localhost'"); rc= mysql_query(mysql, "GRANT ALL ON test.* TO 'ssluser'@'localhost' IDENTIFIED BY 'sslpw' REQUIRE SSL"); rc= mysql_query(mysql, "FLUSH PRVILEGES"); } @@ -96,6 +95,40 @@ static int test_ssl_cipher(MYSQL *unused) return OK; } +static int test_conc95(MYSQL *my) +{ + MYSQL *mysql; + int rc; + + if (check_skip_ssl()) + return SKIP; + + rc= mysql_query(my, "DROP USER 'ssluser1'@'localhost'"); + check_mysql_rc(rc, my); + rc= mysql_query(my, "GRANT ALL ON test.* TO 'ssluser1'@'localhost' IDENTIFIED BY 'sslpw' REQUIRE X509"); + check_mysql_rc(rc, my); + rc= mysql_query(my, "FLUSH PRIVILEGES"); + check_mysql_rc(rc, my); + + mysql= mysql_init(mysql); + mysql_ssl_set(mysql, + "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/server-key.pem", + "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/server-cert.pem", + "@CMAKE_SOURCE_DIR@/unittest/libmariadb/certs/ca.pem", + NULL, + NULL); + + if (!mysql_real_connect(mysql, hostname, "ssluser1", sslpw, schema, + port, socketname, 0)) + { + mysql_close(mysql); + diag("could not establish x509 connection"); + return FAIL; + } + mysql_close(mysql); + return OK; +} + static int test_multi_ssl_connections(MYSQL *unused) { MYSQL *mysql[50], *my; @@ -347,6 +380,7 @@ static int test_conc50_3(MYSQL *my) mysql_real_connect(mysql, hostname, "ssltest", NULL, schema, port, socketname, 0); + diag("Error: %s<", mysql_error(mysql)); FAIL_IF(mysql_errno(mysql), "No error expected"); mysql_close(mysql); @@ -367,7 +401,7 @@ static int test_conc50_4(MYSQL *my) mysql_real_connect(mysql, hostname, ssluser, sslpw, schema, port, socketname, 0); - FAIL_IF(mysql_errno(mysql) , "Expected no error"); + FAIL_IF(!mysql_errno(mysql) , "Error expected"); mysql_close(mysql); return OK; @@ -381,9 +415,6 @@ static int verify_ssl_server_cert(MYSQL *my) if (check_skip_ssl()) return SKIP; - diag("certs needs to be fixed."); - return SKIP; - mysql= mysql_init(NULL); FAIL_IF(!mysql, "Can't allocate memory"); @@ -460,6 +491,7 @@ struct my_tests_st my_tests[] = { {"test_conc50_2", test_conc50_2, TEST_CONNECTION_NEW, 0, NULL, NULL}, {"test_conc50_3", test_conc50_3, TEST_CONNECTION_NEW, 0, NULL, NULL}, {"test_conc50_4", test_conc50_4, TEST_CONNECTION_NEW, 0, NULL, NULL}, + {"test_conc95", test_conc95, TEST_CONNECTION_NEW, 0, NULL, NULL}, {"verify_ssl_server_cert", verify_ssl_server_cert, TEST_CONNECTION_NEW, 0, NULL, NULL}, {"test_bug62743", test_bug62743, TEST_CONNECTION_NEW, 0, NULL, NULL}, {"test_phpbug51647", test_phpbug51647, TEST_CONNECTION_NONE, 0, NULL, NULL},